Analysis
max time kernel: 122s
max time network: 123s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 14/05/2024, 16:14
Behavioral task: behavioral1
Sample: 42200fd3fb2e22c8a5501586b31446b7_JaffaCakes118.pdf
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 42200fd3fb2e22c8a5501586b31446b7_JaffaCakes118.pdf
Resource: win10v2004-20240508-en
General
Target: 42200fd3fb2e22c8a5501586b31446b7_JaffaCakes118.pdf
Size: 41KB
MD5: 42200fd3fb2e22c8a5501586b31446b7
SHA1: a1590a20e8d396619bae77a3fff32ef13f370391
SHA256: c8a3cd88326aad9825d71835a8ca6d240713327577161c3940db0bbc05136da2
SHA512: c1dca8f02e4fe7823a992fced5282a8d6a7ef2da1ae60cb0fe2a4f371cc58e3a4bdcc7035b9533753cc54ba8fe032a1e6758b79e733a927e58e3caf930c544cf
SSDEEP: 768:68hnmcdn6JCu7PX4vDiv+oQnVji51ePGV3G9mWuSDQgaWFi2TJWbm1L/CLaZUny/:68UVJdrOMUVji51ePGV3G9mWuSDQgaWz
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid   Process
2436  AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid   Process
2436  AcroRd32.exe
2436  AcroRd32.exe
2436  AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\42200fd3fb2e22c8a5501586b31446b7_JaffaCakes118.pdf"
PID: 2436
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Downloads
Filesize: 3KB
MD5: 05d104c6bae27d0e4146e1708a4065eb
SHA1: e339e2f0e500290cd14da9cbfcfcbe0c90c5ae3e
SHA256: 336f60aef42c1fc121b0c81620673d06076b9b9ddc06be4f682537a2cda0900d
SHA512: d49901c8f0510f1d7719d39f94720ffb09e87ed086280806f13b41b0b7f2d5579a0d596870427ebd2e2c5c6583d968503a68d94025620b89f2d84de03c20ca01